CVE-2011-0027

Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/70444
http://secunia.com/advisories/42804	Vendor Advisory
http://support.avaya.com/css/P8/documents/100124846
http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/
http://www.securityfocus.com/bid/45698
http://www.securitytracker.com/id?1024947
http://www.us-cert.gov/cas/techalerts/TA11-011A.html	US Government Resource
http://www.vupen.com/english/advisories/2011/0075	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-11-002/
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411
http://osvdb.org/70444
http://secunia.com/advisories/42804	Vendor Advisory
http://support.avaya.com/css/P8/documents/100124846
http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/
http://www.securityfocus.com/bid/45698
http://www.securitytracker.com/id?1024947
http://www.us-cert.gov/cas/techalerts/TA11-011A.html	US Government Resource
http://www.vupen.com/english/advisories/2011/0075	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-11-002/
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:a:microsoft:data_access_components:2.8:sp2:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*
	cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*
	cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*

Configuration 3 (hide)

AND

cpe:2.3:a:microsoft:windows_data_access_components:6.0:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_7:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2008:::itanium:::::*
	cpe:2.3:o:microsoft:windows_server_2008:::x32:::::*
	cpe:2.3:o:microsoft:windows_server_2008:::x64:::::*
	cpe:2.3:o:microsoft:windows_server_2008::sp2:x32:::::
	cpe:2.3:o:microsoft:windows_server_2008::sp2:x64:::::
	cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:::::*
	cpe:2.3:o:microsoft:windows_server_2008:r2::itanium:::::
	cpe:2.3:o:microsoft:windows_server_2008:r2::x64:::::
	cpe:2.3:o:microsoft:windows_vista::sp1::::::*
	cpe:2.3:o:microsoft:windows_vista::sp2::::::*

History

21 Nov 2024, 01:23

Type	Values Removed	Values Added
References	~~() http://osvdb.org/70444 -~~	() http://osvdb.org/70444 -
References	~~() http://secunia.com/advisories/42804 - Vendor Advisory~~	() http://secunia.com/advisories/42804 - Vendor Advisory
References	~~() http://support.avaya.com/css/P8/documents/100124846 -~~	() http://support.avaya.com/css/P8/documents/100124846 -
References	~~() http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/ -~~	() http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/ -
References	~~() http://www.securityfocus.com/bid/45698 -~~	() http://www.securityfocus.com/bid/45698 -
References	~~() http://www.securitytracker.com/id?1024947 -~~	() http://www.securitytracker.com/id?1024947 -
References	~~() http://www.us-cert.gov/cas/techalerts/TA11-011A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA11-011A.html - US Government Resource
References	~~() http://www.vupen.com/english/advisories/2011/0075 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2011/0075 - Vendor Advisory
References	~~() http://www.zerodayinitiative.com/advisories/ZDI-11-002/ -~~	() http://www.zerodayinitiative.com/advisories/ZDI-11-002/ -
References	~~() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002 -~~	() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411 -

07 Dec 2023, 18:38

Type	Values Removed	Values Added
CPE	cpe:2.3:o:microsoft:windows_vista::sp1:x64::::: cpe:2.3:o:microsoft:windows_vista::sp2:x64:::::

Information

Published : 2011-01-12 01:00

Updated : 2025-04-11 00:51

NVD link : CVE-2011-0027

Mitre link : CVE-2011-0027

CVE.ORG link : CVE-2011-0027

JSON object : View

Products Affected

microsoft

windows_server_2008
windows_data_access_components
windows_7
windows_server_2003
data_access_components
windows_2003_server
windows_xp
windows_vista

CWE

CWE-20

Improper Input Validation

9.3 /10